Make GITHUB_API on client configurable

jupyterlab / jupyterlab-github

GitHub integration for JupyterLab

BSD 3-Clause "New" or "Revised" License

413 stars 106 forks source link

Make GITHUB_API on client configurable #62

Open ktong opened 6 years ago

ktong commented 6 years ago

Our GHE can be connect directly from browser. So if GITHUB_API is configurable, then we do not need server side proxy.

ian-r-rose commented 6 years ago

Do you connect with an access token? The primary reason for the server-side proxy is security: since the access token or client_secret are effectively passwords to a user's GitHub account, it is unsafe to store them client-side.

ktong commented 6 years ago

It does not need access token as user already accesses GHE. Probably Cookie enables access of GHE. If not, access token in access URL also acceptable.

ian-r-rose commented 6 years ago

I have no objection to this enhancement (so long as there is no security issue), but I can't really do it myself without good access to a GHE account. PRs welcome though, and I'm happy to help!